Slashdot videos: Now with more Slashdot!
We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).
For a couple years now the world has settled on a definition for cloud. It's three service models. (1) Delivering an application through a web interface (SaaS), delivering an OS in a virtual machine for arbitrary applications (Iaas), delivering a development platform to simplify the creation of a new generation of applications (PaaS).
Controlling the lifecycle of these resources is non-trivial. It requires hooks at virtual machine creation, security for access, limits for resource consumption, and time tables for reclamation. In the industry we call this orchestration.
Finally, these models in highly-controlled on-premis environments is called "private cloud". Running them in fully shared datacenters is called "public cloud". Giving customers the ability to federate services across these two environments is called "hybrid cloud".
Here endeth the lesson. Just because you don't understand a word doesn't make it a buzzword.
- "We assume the attacker knows the software running on the victim VM and has access to a copy of it"
- "We demonstrate how to use interprocess interrupts (IPIs) to abuse the Xen credit scheduler in order to arrange for frequent interruptions of the victim’s execution by a spy process running from within the attacker’s VM...[then much later]...we leverage the tendency of the Xen credit scheduler to give the highest run priority to a VCPU that receives an interrupt."
- "We will only be able to spy on the victim when assigned to the same PCPU, which may coincide with only some fraction of the victim’s execution."
In other words, this exploit requires: knowing what cryptographic software is being run, the presence of Xen and an apparent security hole therein, and lucky core colocation of the VMs in an environment that could easily have dozens of VMs running against more than a dozen cores "over the course
of a few hours".
In short, all of this is unlikely to be reproducible outside of a lab.
First, the local vegetable market is dominated by Malaysian and Chinese imports. Both of these countries have questionable laws limiting the use of pesticides and fertilizers. I have no doubt that their products are grown unsustainably. Most people wash Chinese vegetables with soap for fear of the chemicals that may remain on them.
Those imported vegetables are incredibly cheap locally. Its possible to get all the food you need for a stir fry for a small family (with meat) at a local wet market for just a few dollars. But, as I said above, the safety of that food is dubious. Singaporeans are now rich enough (average income second only to Japan in Asia) to expect a better quality of food.
The one vegetable that we simply cannot get in quality is the tomato. Most are flown here under ripe so they do not crush in transit. Of course the carbon footprint of those tomatoes must be massive. The higher quality ones come from Japan, but apparently were shipped frozen. Tomatoes are mushy, mealy, and never taste like a proper tomato picked in southern Europe's late summer. Sky green's web page shows they are only tackling non-flowering vegetables (greens). This is probably because they are not able to farm the bees needed for tomato pollination. I've never seen a bee in Singapore and don't know what the concerns are of raising honey bees on the island.
Just a few thoughts from an American in Singapore...
The military industrial complex that Eisenhower warned the US about is focused on China. Its using China to justify its existence. It needs China to sustain its budget. And I think it is subtly behind the propaganda that got this author to suggest the weapons development is focused on China.
We could say China has been around 60 years or 2000 years. But in either case, China has has a pretty good track record of not engaging in wars that were not within or adjacent to its borders. In 60 years the US's can make no such claim. That the US would need a bomber to strike targets in China "for self defense" is not reasonable. And suggesting that the US would be in a defensive war against China flies in the face of what we know about Chinese ambitions.
As an enterprise infrastructure technologist, I can tell you that Java is very much alive. With or without Android, it is not going anywhere anytime soon.